Article: 1483
From: Anthony Howe
Date: 2007-03-07 14:06:50 -0500
Subject: Re: Milter-null not working?

Henry Kwan wrote:
> localhost.localdomain           RELAY
> localhost                       RELAY

These are a BAD idea. Special crafted DNS entries can take advantage of 
these entries for open relay purposes. Not sure if Claus did anything to 
handle that case. I always tell people to remove them since the entry is sufficient.

>                       RELAY
> musicalfruit.com                RELAY

Also you should always prefix you entries with Connect:, From:, To: as 
required, since the untagged entries I read are deprecated in sendmail.

I see from your log sample why milter-null doesn't work:

Mar  6 12:26:46 beans milter-null[12387]: map="access" 
key=16:"musicalfruit.com" value="RELAY" rc=0


Mar  6 12:27:21 beans milter-null[12387]: 00001 l26KPqAt012432: white 
listed earlier, skipping message

You'll want to add to access.db:

milter-null-to:				SKIP


milter-null-to:musicalfruit.com		SKIP

to avoid hitting the untagged entry for musicalfruit.com, which acts as 
global white list entry.

